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DETAILED ACTION 

Claims 1-22 are currently presented and have been examined. 
Response to Arguments 

Applicant's arguments filed 24 March 2009 have been fully considered but they 
are not persuasive. 

The Applicant argues that the cited sections of the specification used by the 
Examiner that was construed to be admitted prior art "are no longer AAPA" since 
"Applicant has amended the Specification to more clearly define which portions thereof 
relate to the background of the invention and which portions relate to a description of 
the invention. Hence, those elements of the present invention which were deemed to be 
AAPA due to their inclusion in a section of the Specification interpreted as the 
"background" of "prior art" section of the Specification are now clearly in the portion of 
the Specification which describe the invention." 

The Examiner respectfully disagrees. 

The portions of the specification pointed to by the Examiner described "existing" 
methods and also described the work of others, namely "Baseband Specification" in 
"Specification of the Bluetooth System, Core, Version 1.1", Bluetooth Special Interest 
Group". This original disclosure cannot be considered to no longer be admitted prior art 
merely based on the location of the disclosure within the specification, rather, it is the 
actual language of the disclosure that controls. Therefore, this subject matter is still 
considered to be admitted prior art and, as shown previously by the Examiner, taught 
the claimed invention. Therefore, the claims are not in condition for allowance. 



Application/Control Number: 10/527,397 Page 3 

Art Unit: 2443 

Claim Rejections 

Claims 1-4, 6, 8-18, 20, and 22 are rejected in view of the Applicant's admitted 
Prior Art ("AAPA"). The Applicant described subject matter in the specification at page 
3, lines 12-17, page 6, lines 23-29, page 21, lines 13-27, page 22, line 23-page 23, line 
2, page 25, lines 5-14, page 25, line 23-page 26, line 2, and page 27, lines 4-12 that 
was by another, therefore, this statement is construed by the Examiner that this 
statement constitutes an admission of prior art and any subject matter associated with 
these statements are construed to be prior art applicable to the claims. See MPEP 2129 
and Riverwood Int'l Corp. v. R.A. Jones & Co., 324 F.3d 1346, 1354, 66 USPQ2d 1331 , 
1337 (Fed Cir. 2003). Note that this rejection is separate and distinct from prior art 
rejections made under 35 USC 102 and 103. 

Regarding claim 1 , "AAPA" disclosed a method of providing to a client 
communications device access to a subscription module ("module that is physically 
inseparable from the server communications device"; see page 9, lines 20-22) of a 
server communications device, the method comprising the steps of: 

establishing a communications link between the client communications device 
and the server communications device; and communicating a number of messages (M) 
comprising data related to the subscription module (communicated data using a 
Bluetooth connection) between the server communications device and the client 
communications device via the communications link (wireless Bluetooth connection); 
wherein the method further comprises the step of providing integrity protection ("any 
method of assuring that information sent from an originating source is not accidentally 
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or maliciously altered or destroyed during communication from the source to the 
receiver"; see page 5, lines 12-14 of the specification) of the messages communicated 
between the server communications device and the client communications device via 
the communications link, (see at least page 3, lines 12-17 and page 7, lines 1-6 of the 
specification) 

Regarding claim 2, "AAPA" disclosed the method according to claim 1, wherein 
the step of providing integrity protection further comprises calculating, based on a secret 
session key, a respective message authentication code for each of the communicated 
messages; and including the calculated message authentication code into the 
corresponding communicated message, (see at least page 22, line 23-page 23, line 2) 

Regarding claim 3, "AAPA" disclosed the method according to claim 2, wherein 
the step of establishing a communications link between the client and server 
communications devices comprises determining a secret session key based on a 
shared secret between the server and client communications devices, (see at least 
page 25, line 23-page 26, line 2) 

Regarding claim 4, "AAPA" disclosed the method according to claim 3, wherein 
the method further comprises providing the shared secret by performing a secure 
pairing procedure including receiving a passcode by at least one of the client 
communications device and the server communications device, (see at least page 27, 
lines 4-12) 

Regarding claim 6, "AAPA" disclosed the method according to claim 3, wherein 
the communications link has a secret link key related to it and the method further 
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comprises providing the shared secret by calculating the shared secret using the secret 
link key as an input, (see at least page 25, lines 5-14) 

Regarding claim 8, "AAPA" disclosed the method according to claim 1, wherein 
the method further comprises determining, for the messages communicated from the 
client communications device to the server communications device, whether the 
message is authorised to address the subscription module, (see at least page 3, lines 
12-17 and page 7, lines 1-6 of the specification) 

Regarding claim 9, "AAPA" disclosed the method according to claim 8, wherein 
the method further comprises: providing a shared secret between the client 
communications device and the server communications device; and providing an 
access control list stored in the server communications device in relation to at least one 
of the shared secret and the client communications device, (see at least page 27, lines 
4-12) (note that the server specifically interacts with the client using cryptography, 
therefore, a strong association between the server and the client is established and the 
cryptographic settings used between the client and the server on the server is 
considered to encompass the claimed "access control list" where the server is in a 
generic and nominal relation to the "client communications device", therefore allowing 
the client access to the server based on the agreed upon cryptographic settings) 

Regarding claim 15, "AAPA" disclosed the method according to claim 14, 
wherein the access control list is stored in a protected database, (note that 
cryptographic settings are essential to the security of the connection and are stored in 
confidence at the server and are thus considered to be "protected") 
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Claims 10-12 are also rejected since these claims recite substantially the same 
limitations as recited in claim 1. 

Claims 13 and 22 are also rejected since these claims recite substantially the 
same limitations as recited in claims 1 and 8 in combination. 

Claim 14 is rejected since this claim recites substantially the same limitations as 
recited in claim 9. 

Claims 16-20 are also rejected since these claims recite substantially the same 
limitations as recited in claims 2-6 respectively. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 
USPQ 459 (1966), that are applied for establishing a background for determining 
obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 

Claim 5 and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over 

"AAPA". 

Regarding claim 5, "AAPA" disclosed the method according to claim 4. 
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"AAPA" did not expressly disclose wherein the passcode is at the most 48 bits 

long. 

It would have been obvious to one having ordinary skill in the art at the time of 
the invention was made to create a passcode which is at most 48 bits long, since it has 
been held that discovering an optimum value of a result effective variable involves only 
routine skill in the art. In re Boesch, 617 F.2d 272, 205 USPQ 215 (CCPA 1980). 

Claim 19 is also rejected since this claim recites substantially the same 
limitations as recited in claim 5. 

Claims 7 and 21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
"AAPA" in view of US Patent 6,449,473 to Raivisto. 

Regarding claim 7, "AAPA" disclosed the method according to any one of claims 
2 through 6. 

"AAPA" did not expressly disclose wherein the method further comprises: 
incorporating a value of a first counter in each of the messages communicated from the 
client communications device to the server communications device, the first counter 
being indicative of the number of messages communicated from the client 
communications device to the server communications device; and incorporating a value 
of a second counter in each of the messages communicated from the server 
communications device to the client communications device, the second counter being 
indicative of the number of messages communicated from the server communications 
device to the client communications device; and wherein the step of calculating a 
respective message authentication code for each of the communicated messages 
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comprises calculating a message authentication code for each of the communicated 
messages and the corresponding counter value, however, Raivisto did disclose these 
limitations (the counter value being a "sequence number"; see at least column 3, line 
66-column 4, line 26) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine the teachings of these references since Raivisto 
disclosed that using counter values in the calculation of the message authentication 
code allows for the specific advantage of recalculating the code for stronger security 
and to enable synchronous recalculation between the client and the server (see at least 
column 4, line 5-9). Therefore, based on this specific motivation and that the references 
are analogous to one another in the context of message security and communication 
security, one of ordinary skill would have been motivated to modify the teachings of 
"AAPA" to include the subject matter taught in Raivisto in order to arrive at a more 
robust and secure communication link between a client and a server. 

Claim 21 is also rejected since this claim recites substantially the same 
limitations as recited in claim 7. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
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mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to George C. Neurauter, Jr. whose telephone number is 
(571)272-3918. The examiner can normally be reached on the hours between 8:30am- 
5:00pm Eastern. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Tonia Dollinger, can be reached on 571-272-4170. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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